Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,365 advisories

Loading
Malicious HTML+XHR Artifact Privilege Escalation in Argo Workflows High
CVE-2022-29164 was published for github.com/argoproj/argo-workflows/v3 (Go) May 23, 2022
alexec
In target_init of gs101/abl/target/slider/target.c, there is a possible allocation of RWX memory... High Unreviewed
CVE-2021-39684 was published Jan 15, 2022
In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible... High Unreviewed
CVE-2021-39625 was published Jan 15, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,... Moderate Unreviewed
CVE-2021-44840 was published Jan 19, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow an... High Unreviewed
CVE-2021-0099 was published Feb 11, 2022
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions... High Unreviewed
CVE-2021-39621 was published Jan 15, 2022
In QuickBox Pro v2.5.8 and below, the config.php file has a variable which takes a GET parameter... High Unreviewed
CVE-2021-44981 was published Jan 25, 2022
The eFTL Server component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL -... High Unreviewed
CVE-2021-43055 was published Jan 12, 2022
Improper Privilege Management in Concrete CMS High
CVE-2021-22966 was published for concrete5/core (Composer) Nov 23, 2021
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions... Moderate Unreviewed
CVE-2020-12527 was published May 24, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a... Moderate Unreviewed
CVE-2021-29824 was published Apr 23, 2022
Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0... High Unreviewed
CVE-2022-36833 was published Aug 6, 2022
Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users... High Unreviewed
CVE-2018-14791 was published May 13, 2022
SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP... Moderate Unreviewed
CVE-2022-29614 was published Jun 15, 2022
Improper Privilege Management in Apache Hadoop High
CVE-2020-9492 was published for org.apache.hadoop:hadoop-common (Maven) Feb 9, 2022
In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run... High Unreviewed
CVE-2021-0981 was published Dec 16, 2021
Potential security vulnerabilities including compromise of integrity, and allowed communication... High Unreviewed
CVE-2020-6922 was published Feb 17, 2022
Improper Privilege Management in MySQL Connectors Java High
CVE-2018-3258 was published for mysql:mysql-connector-java (Maven) May 13, 2022
Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-38007 was published Sep 14, 2022
A Least Privilege Violation vulnerability in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack... High Unreviewed
CVE-2018-17954 was published May 24, 2022
Improper Privilege Management in Elasticsearch High
CVE-2020-7009 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
Tarball permission preservation in puppet Moderate
CVE-2017-10689 was published for puppet (RubyGems) May 13, 2022
BenK0lin
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows... Low Unreviewed
CVE-2020-7281 was published May 24, 2022
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up... High Unreviewed
CVE-2020-11492 was published May 24, 2022
com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of... High Unreviewed
CVE-2020-15360 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database